Record summary
A quick snapshot of what this page covers.
Control summary
What this defense is meant to help prevent.
When deploying an AI agent that acts as a representative of a user and performs actions on their behalf, it is important to implement robust policies and controls on permissions and lifecycle management of the agent. Lifecycle management involves establishing identity, protocols for access management, and decommissioning of the agent when its role is no longer needed. Controls should also include the principle of least privilege and delegated access from the user account. When acting as a representative of a user, the AI agent should not be granted permissions that the user would not be granted within the system or organization.
- ATLAS ID
- AML.M0027
- Priority score
- 35
Covered techniques
Attacks this defense is designed to help with.
AML.T0053 - AI Agent Tool Invocation
Configuring AI agents with permissions that are inherited from the user for tool use can limit an adversary's ability to abuse tool invocations if the agent is compromised.
AML.T0085.001 - AI Agent Tools
Configuring AI agents with permissions that are inherited from the user can limit an adversary's ability to collect data from agent tool invocation if the agent is compromised.
AML.T0101 - Data Destruction via AI Agent Tool Invocation
Configuring AI agents with permissions that are inherited from the user for tool use can limit an adversary's ability to abuse tool invocations if the agent is compromised.
AML.T0085 - Data from AI Services
Configuring AI agents with permissions that are inherited from the user can limit an adversary's ability to collect data from AI services if the agent is compromised.
AML.T0086 - Exfiltration via AI Agent Tool Invocation
Configuring AI agents with permissions that are inherited from the user for tool use can limit an adversary's ability to abuse tool invocations if the agent is compromised.
AML.T0082 - RAG Credential Harvesting
Configuring AI agents with permissions that are inherited from the user can limit an adversary's ability to harvest credentials from RAG Databases if the agent is compromised.
AML.T0085.000 - RAG Databases
Configuring AI agents with permissions that are inherited from the user can limit an adversary's ability to collect data from RAG Databases if the agent is compromised.
Source
Where this page information comes from.
Original source
Original source links
Open the public records and source datasets used for this page.